From ddcde038d0aee07bd550cd27b61d12bf921d0813 Mon Sep 17 00:00:00 2001
From: Daniel Cousens <github@dcousens.com>
Date: Fri, 11 Jul 2014 16:33:39 +1000
Subject: [PATCH] HDNode: enforces sane seed lengths

---
 src/hdnode.js  |  4 ++++
 test/hdnode.js | 12 ++++++++++++
 2 files changed, 16 insertions(+)

diff --git a/src/hdnode.js b/src/hdnode.js
index abb3ec3..a3aa5ef 100644
--- a/src/hdnode.js
+++ b/src/hdnode.js
@@ -51,6 +51,10 @@ HDNode.HIGHEST_BIT = 0x80000000
 HDNode.LENGTH = 78
 
 HDNode.fromSeedBuffer = function(seed, network) {
+  assert(Buffer.isBuffer(seed), 'Expected Buffer, got' + seed)
+  assert(seed.length >= 16, 'Seed should be atleast 128 bits')
+  assert(seed.length <= 64, 'Seed should be atmost 512 bits')
+
   var I = crypto.HmacSHA512(seed, HDNode.MASTER_SECRET)
   var IL = I.slice(0, 32)
   var IR = I.slice(32)
diff --git a/test/hdnode.js b/test/hdnode.js
index 822a8ce..f4011ac 100644
--- a/test/hdnode.js
+++ b/test/hdnode.js
@@ -65,6 +65,18 @@ describe('HDNode', function() {
         assert.equal(hd.chainCode.toString('hex'), f.master.chainCode)
       })
     })
+
+    it('throws on low entropy seed', function() {
+      assert.throws(function() {
+        HDNode.fromSeedHex('ffffffffff')
+      }, /Seed should be atleast 128 bits/)
+    })
+
+    it('throws on too high entropy seed', function() {
+      assert.throws(function() {
+        HDNode.fromSeedHex('ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff')
+      }, /Seed should be atmost 512 bits/)
+    })
   })
 
   describe('toBase58', function() {